I am trying to control the outgoing traffic from two VMs with the DRR qdisc.

This is the hierarchy I want to have:

                 root
                  |
              qdisc drr
                 1:
            /     |      \  
           /      |       \
  class drr    class drr     class drr
 quantum 200  quantum 800  (w/ max quantum)
    1:1          1:2            1:3

Traffic of VM1 should go to 1:1, traffic of VM2 to 1:2, everything else to 1:3 (as DRR has no default class itself). The outgoing traffic of the VMs gets marked with 1 and 2 respectively. With iptables -L -v -n -t mangle I can see that the packets get correctly marked.

I set this up with the following commands:

tc qdisc add dev wlan0 handle 1: root drr
tc class add dev wlan0 parent 1: classid 1:1 drr quantum 200
tc class add dev wlan0 parent 1: classid 1:2 drr quantum 800
tc class add dev wlan0 parent 1: classid 1:3 drr #used as default class
tc filter add dev wlan0 parent 1: protocol ip prio 1 handle 1 fw classid 1:1
tc filter add dev wlan0 parent 1: protocol ip prio 1 handle 2 fw classid 1:2
tc filter add dev wlan0 parent 1: protocol ip prio 2 u32 match ip dst 0.0.0.0/0 classid 1:3 #match everything

But with this configuration I can't access the network at all. Nearly every packet gets dropped by the root qdisc.

These are the outputs after sending 83 packets from VM1 (all getting marked correctly).

#tc -s class show dev wlan0
class drr 1:1 root quantum 200b
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
 backlog 0b 0p requeues 0
 deficit 0b
class drr 1:2 root quantum 800b
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
 backlog 0b 0p requeues 0
 deficit 0b
class drr 1:3 root quantum 1514b
 Sent 118029 bytes 497 pkt (dropped 0, overlimits 0 requeues 0)
 backlog 0b 0p requeues 0
 deficit 0b

#tc -s qdisc show dev wlan0
qdisc drr 1: root refcnt 2
 Sent 117057 bytes 493 pkt (dropped 3372, overlimits 0 requeues 0)
 backlog 0b 0p requeues 0

As you can see, no packets are getting directed to 1:1, and of the non-VM traffic only a small part is directed to 1:3.

When using the same filter commands with HTB, everything works as expected. What am I doing wrong here?

Backswitch

1 Answer

Since DRR has no default queue, you have to assign ARP traffic to a specific queue or these packets will be dropped, leading to your machine forgetting its gateway's physical address.

setenforce 1
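
One way to apply the answer's advice, as an added example that is not part of the original question or answer: the question's commands plus one extra filter that sends every frame the `protocol ip` filters never see to 1:3. It goes slightly beyond the answer by matching `protocol all` (ARP and any other non-IPv4 frames) rather than ARP alone. The function names `drr_setup` and `drr_dropped` and the `TC` override are assumptions made for this example.

```shell
#!/bin/sh
# Added example: the question's DRR hierarchy plus a catch-all for non-IPv4 frames.
# Set TC=echo to print the commands instead of executing them (no root needed).
TC="${TC:-tc}"

# drr_setup DEV: build qdisc 1: with classes 1:1, 1:2, 1:3 and their filters.
drr_setup() {
    dev="$1"
    $TC qdisc add dev "$dev" handle 1: root drr
    $TC class add dev "$dev" parent 1: classid 1:1 drr quantum 200
    $TC class add dev "$dev" parent 1: classid 1:2 drr quantum 800
    $TC class add dev "$dev" parent 1: classid 1:3 drr
    # fwmark 1 and 2 (set in the iptables mangle table) select the VM classes.
    $TC filter add dev "$dev" parent 1: protocol ip prio 1 handle 1 fw classid 1:1
    $TC filter add dev "$dev" parent 1: protocol ip prio 1 handle 2 fw classid 1:2
    # Remaining IPv4 traffic, as in the question.
    $TC filter add dev "$dev" parent 1: protocol ip prio 2 u32 match ip dst 0.0.0.0/0 classid 1:3
    # Added line: frames that are not IPv4 (ARP among them) match no filter
    # above; DRR has no default class, so without this rule they are dropped.
    $TC filter add dev "$dev" parent 1: protocol all prio 3 u32 match u32 0 0 classid 1:3
}

# drr_dropped: read `tc -s qdisc show dev DEV` output on stdin and print the
# first "dropped N" counter, which belongs to the root qdisc.
drr_dropped() {
    sed -n 's/.*(dropped \([0-9][0-9]*\),.*/\1/p' | head -n 1
}

# Touch the system only when called as: script apply DEV
if [ "${1:-}" = "apply" ]; then
    drr_setup "${2:?device name required}"
    $TC -s qdisc show dev "$2" | drr_dropped
fi
```

Run `tc -s qdisc show dev wlan0 | drr_dropped` before and after sending traffic; with the catch-all in place the counter should stop growing.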